Date: Mon, 12 Nov 2001 19:56:36 -0800 (PST) From: Lamont Granquist <lamont@scriptkiddie.org> To: =?iso-8859-1?Q?R=E9mi_Guyomarch?= <rguyom@pobox.com> Cc: FreeBSD Security List <freebsd-security@FreeBSD.ORG> Subject: Re: Bump-in-the-Road IPsec? Message-ID: <20011112195514.I2161-100000@coredump.scriptkiddie.org> In-Reply-To: <20011112193144.N1819-100000@coredump.scriptkiddie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Nov 2001, Lamont Granquist wrote: > On Tue, 13 Nov 2001, [iso-8859-1] R=E9mi Guyomarch wrote: > > On Tue, Nov 13, 2001 at 03:14:38AM +0100, R=E9mi Guyomarch wrote: > > ... > > > On OpenBSD, use the gif device, along with IPSec in transport mode > > > and the same bridge setup as described below. > > > > Damn! I just realised that gif(4) only handles IP frames :-( > > Still a transparent bridge, but only suitable for IP... > > [same thing with gre(4)] > > only suitable for IP is fine by me. the thing is that i really want thes= e > to be two completely seperate networks with real ip #s. the stuff i've > found on the net so far suggests using gif to bridge between two remote > networks that share the same private ip space. Would it work doing it with two bridge devices? So you'd have bridge0 with xl0 (external) and xl1 (internal) and then bridge1 with xl1 (internal) and gif0 (tunnel)? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011112195514.I2161-100000>